After creating a priority, findings and assets can be associated with the Priorities module.
Findings and assets can also be linked to a priority from the Clients module using bulk actions.
Step 1: From the Priorities module home page, click the row or View under the "Actions" column of the priority to update.
Step 2: Click the Findings tab.
Step 3: Click Link Findings.
Step 4: Use the filters on the left nav bar to reduce the list.
Step 5: Select the findings to link. Click Continue with X findings.
Step 6: Select any affected assets to link. Use the assets filters to narrow the search results. Click Link affected asset or Continue without assets.
The user is returned to the Findings tab page. A notification will appear confirming the action, and the page will refresh with the recently added findings.
Any affected assets added will be displayed on the Assets tab.
Step 1: From the Priorities module home page, click the row or View under the "Actions" column of the priority to update.
Step 2: Click the Assets tab.
Step 3: Click Link Assets.
Step 4: Use the filters so that the list only shows assets relevant to the priority.
Step 5: Select the assets to link. Click Continue with X assets.
Step 6: Select any associated findings to link. Use the findings filters to narrow the search results. Click Link x associated findings or Continue without findings.
The user is returned to the Assets tab page. A notification will appear confirming the action, and the page will refresh with the recently added assets appearing.
Findings and assets included in a priority can be removed individually or via bulk actions. Any removed findings or assets from a priority will remain in their existing reports and not be deleted from PlexTrac.
Any assets associated with a finding will remain in the priority after the finding is unlinked, and any findings added via its association with an asset will remain after an asset is unlinked.
Step 1: Click the Findings tab from the priority details page.
Step 2a: Click the meatballs menu of the priority and click Unlink finding from priority.
Step 2b: Select multiple findings, click the Actions button, and click Unlink findings from priority.
Step 3: A dialog box will appear asking for confirmation. Click Unlink.
Step 1: Click the Assets tab from the priority details page.
Step 2a: Click the meatballs menu of the priority and click Unlink asset from priority.
Step 2b: Select multiple findings, click the Actions button, and click Unlink assets from priority.
Step 3: A dialog box will appear asking for confirmation. Click Unlink.
The Metrics tab in the Priorities module provides a comprehensive overview and management system for priorities. It aims to give security teams a centralized place to track priority remediation efforts and related findings and assets.
Users have the ability to filter by various criteria, utilize charts for in-depth analysis, and gain insights into top findings, asset tags, and severity breakdowns.
This page is available by clicking Metrics from the Priorities home page.
The page is divided into multiple sections to help users quickly navigate and access the information. The modular layout ensures that each topic is self-contained, allowing users to find relevant details more efficiently.
The fields displayed in a graph can be modified by clicking the field name above the chart to delete it. Once removed, the field is shown in grey.
Although the field is removed for display purposes, it does not change the overall calculation of the metrics.
Click a field that is greyed out to add it back.
Some graphics provide more details by hovering over the image with the cursor.
Clicking results (when available) within a graphic will launch a side drawer with more information about the priorities being referenced.
This section enables filtering of priority metrics displayed to the client by date range, severity, owner, tags, and status.
The URLs within the Metrics tab will contain the filters used and shared with other users.
This section displays key priority metrics.
Click a box to view more detailed information about each metric (all boxes will open a side drawer except the "Percentage of linked findings to priorities" box).
Clicking the priority listed in the side drawer will open the Priority Detail side drawer for further investigation.
This box provides a bar or pie chart of priorities by status and score. Toggle between the two views by clicking the desired option in the upper right-hand corner.
This box provides a bar or pie chart of priorities by status and the score based on the formula Likelihood x Impact (for example, 6 x 8 = 48). Toggle between the two views by clicking the desired option in the upper right-hand corner.
This box provides a bar chart of the owner's priority status to better understand resource allocation. If no owner is assigned, the value "No priority owner" is leveraged.
The box has an embedded scroll bar when applicable.
This box provides a bar chart of priority status by treatment owner to better understand resource allocation. The value "No treatment owner" is leveraged if no owner is assigned.
The box has an embedded scroll bar when applicable.
This box provides a bar or pie chart of findings in priorities by tag and severity. Toggle between the two views by clicking the desired option in the upper right-hand corner.
The box has an embedded scroll bar when applicable.
This box provides a bar or pie chart of asset priorities by tag and criticality. Toggle between the two views by clicking the desired option in the upper right-hand corner.
The box has an embedded scroll bar when applicable.
The Priorities module enables users to access an advanced view that provides valuable insights into their security efforts. This module is crucial for effectively managing findings and assets by offering a collaborative platform that empowers team members to work together and address security challenges efficiently. Additionally, users can customize security measures to meet the unique requirements of individual clients or business groups.
Users access the module by clicking Priorities in the application's main menu.
It is recommended to read the admin settings documentation before using priorities. More detailed instructions regarding the impact of tenant-level vs. client-level settings can be found in the Licensing section, while information on equations can be found in the Automations section.
The Priorities module offers value to teams seeking to streamline and automate reporting processes while providing a layer of risk assessment to existing manual pentests and offensive security data.
Key benefits include:
Automated Workflow Efficiency: Automating workflow processes streamlines reporting cycles, reducing manual efforts and time spent on tasks.
Risk Prioritization: Enables custom scoring equations to prioritize identified risks, allowing teams to focus on the most critical issues for immediate remediation.
Proactive Risk Management: This tool enables a proactive approach to managing offensive security data by providing an aggregated view of vulnerabilities, allowing for better risk assessment and remediation planning.
Continuous Risk Reduction: Through ongoing validation, it demonstrates a continuous reduction in risk, ensuring that remediation efforts effectively mitigate future security risks.
If a user is an owner or author of a priority, an indicator will be displayed on the Dashboard home page under the Your assignments tab. Clicking the Your priorities box will display the priorities and role assigned, along with other fields specific to the Priorities module.
The following roles are related to Priorities and, when assigned, will result in a user having a priority box displayed on the Dashboard:
Priority Owner
Priority Author
Treatment Owner
Depending on the tenancy configuration and user role assignment, an email may be sent to users for the following event changes:
Priority status
Priority assignment
Finding status
Finding substatus
Assignment
Notifications will also be provided in the app, accessible by clicking the bell icon at the top of any PlexTrac page next to the user name.
Users can view and access all priorities related to their tenancy on the Priorities home page. This view provides options for sorting and filtering on multiple fields.
Clicking the priority row or View under a priority's "Actions" column directs users to the priority Details summary page, including additional tabs for Findings and Assets.
The Details tab provides the priority description, recommendation, treatment, and any assigned tags. The column on the right provides additional information about the priority.
This tab displays all findings contained in the priority.
Bulk action options appear after one or more findings are selected on the home page by clicking the checkbox to the far left of the finding title field or by clicking the box next to the column header.
Click Actions to see the list of options.
The table view can be customized by clicking the column view icon to the right of the search bar.
Once clicked, a modal appears that lists all fields. To remove a column, click X within the bar.
Fields that are required do not have an X available.
When fields are removed, an "Add Column" pulldown menu is added at the bottom left of the modal to store the field. Any removed fields can be added later by clicking Add Column and selecting the field to add.
This modal represents the sequence of fields provided in the table, meaning the bar on top will be the column on the table's far left.
The order of columns can be adjusted within this modal by clicking the six dots on the left of the bar for a field and dragging the bar to the desired sequence place.
Click Save when finished.
This tab displays all assets contained in the priority.
Bulk action options appear after one or more findings are selected on the home page by clicking the checkbox to the far left of the finding title field or by clicking the box next to the column header.
Click Actions to see the list of options.
The table view can be customized by clicking the column view icon to the right of the search bar.
Once clicked, a modal appears that lists all fields. To remove a column, click X within the bar.
Fields that are required do not have an X available.
When fields are removed, an "Add Column" pulldown menu is added at the bottom left of the modal to store the field. Any removed fields can be added later by clicking Add Column and selecting the field to add.
This modal represents the sequence of fields provided in the table, meaning the bar on top will be the column on the table's far left.
The order of columns can be adjusted within this modal by clicking the six dots on the left of the bar for a field and dragging the bar to the desired sequence place.
Click Save when finished.
Admins do additional setup and configuration in the Admin Dashboard.
It is recommended to read the admin settings documentation before using priorities to understand the impact each setting has on the experience.
Priorities can be set at the tenant or client levels and configured under "General Settings" of the Admin Dashboard.
PlexTrac allows admins to leverage a priority score equation instead of the manual approach of setting a score based on likelihood and impact. Equations can be enabled and customized under the "Automations" section of the Admin Dashboard.
The priority score can be viewed under the progress bar on the Details tab of a priority.
The equation's name and formula are listed if contextual scoring is enabled.
The progress meter for a priority can be viewed on the Priorities home page (if configured) or the Details tab of a priority.
The value displays 0% when the priority is created. Progress is updated manually. To edit the progress value, perform the following steps:
Step 1: Click Update progress from the Details tab of a priority.
Step 2: Select the desired value on the scale with the cursor in increments of ten.
Step 3: Click Update.
The updated value now appears on the page.
The priority score is viewed on the Priorities home page and the Details tab of a priority.
It can be updated by clicking Update Score under the meatballs menu.
The priority status is viewed on the Priorities home page and the Details tab of a priority.
Status can be updated via bulk actions, but to update for one priority, perform the following steps:
Step 1: Click the priority status flag on the Priorities home page (or click the priority status flag displayed on the Details page).
Step 2: Select the desired status indicator from the pulldown menu.
Step 3: Click Update status.
A notification confirms the action.
Existing priorities can be updated in two ways:
Step 1a: From the Priorities home page, click Edit priority under the meatballs menu.
Step 1b: From the Details tab of a priority, click Edit Priority.
All fields available when the priority was created can now be edited.
Step 2: Click Save when finished.
Bulk action options appear after one or more priorities are selected by clicking the checkbox to the far left of the Priority title field or by clicking the box next to the column header.
Click Actions to see the list of options.
Step 1: From the Priorities module home page, click Create Priority.
Step 2: If client-level priorities are enabled, select a client by scrolling through the list or using the search box to filter. When the client is found, click Select.
If only tenant-level priorities are enabled, the user will go directly to Step 4.
Step 3: Click Next.
Step 4: Enter a priority name and additional information into the fields on the page.
Priority (required): The title of the priority.
Status: The status of the overall priority.
Severity: The severity of the overall priority.
Priority author: This value is auto-populated, and the user's email who created the priority. Another email can be selected by clicking within the box and choosing from the pulldown menu.
Priority owner: The priority owner. Select the priority owner(s) by clicking within the box and choosing from the pulldown menu.
Identification date: This is the date that the priority was identified. The priority may have been determined or observed at a prior date.
Priority description: An RTF field to enter the description of the priority.
Recommendation: An RTF field to enter a recommendation for remediating the priority. A recommendation is the ideal advice or guidance to address a particular issue or concern. It suggests a best practice or a course of action to help prevent or mitigate security risks.
Treatment: An RTF field to enter a treatment of the priority. Treatments are the remediation taken, often not the ideal recommendation due to resource and time constraints.
Treatment owners: A list of owner(s) who will own the priority treatment.
Tags: Enter any tags associated with the client (new or existing). Any special characters will be removed, and any spaces will be replaced with an underscore (_).
Target remediation date: Identifies the ideal date that findings for the priority will be resolved. Place the cursor in the field box to select a date from the calendar.
Actual remediation date: Identifies the date that the priority was remediated. Place the cursor in the field box to select a date from the calendar.
Likelihood (score): Select a number from one to ten to denote the probability that the findings and assets in this priority will result in malicious actions.
Impact (score): Select a number from one to ten to denote the effects of malicious actions on the findings and assets in this priority.
Priority score: This value is the product of the two factors (likelihood and impact values) entered previously.
Reason for score: This field allows for an explanation for others on the rationale for entering the values used for the priority score.
Step 5: Scroll back to the top of the page and click Save.
The information entered is presented on the priority details page.
This page is the Details tab view reached when clicking View under the "Actions" column in the row of an existing priority on the Priorities module home page.
